CVS: cvs.openbsd.org: src

2022-05-08 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/08 16:58:35 Modified files: usr.bin/ssh: ssh-keygen.c Log message: improve error message when 'ssh-keygen -Y sign' is unable to load a private key; bz3429, reported by Adam Szkoda ok dtucker@

CVS: cvs.openbsd.org: src

2022-05-08 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/08 16:32:36 Modified files: usr.bin/ssh: sftp.c Log message: When performing operations that glob(3) a remote path, ensure that the implicit working directory used to construct that path escapes

CVS: cvs.openbsd.org: src

2022-05-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/04 19:04:14 Modified files: usr.bin/ssh: sshkey.c Log message: sshkey_unshield_private() contains an exact duplicate of the code in private2_check_padding(). Pull private2_check_padding() up so th

CVS: cvs.openbsd.org: src

2022-05-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/04 18:56:58 Modified files: usr.bin/ssh: channels.c channels.h Log message: channel_new no longer frees remote_name. So update the comment accordingly. As remote_name is not modified, it can be

CVS: cvs.openbsd.org: src

2022-05-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/04 18:55:11 Modified files: usr.bin/ssh: mux.c Log message: mux.c: mark argument as const; from Martin Vahlensieck

CVS: cvs.openbsd.org: src

2022-05-01 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/05/01 17:20:30 Modified files: usr.bin/ssh: moduli.c Log message: fix some integer overflows in sieve_large() that show up when trying to generate modp groups > 16k bits. Reported via GHPR#306 by Be

CVS: cvs.openbsd.org: src

2022-04-28 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/28 22:55:08 Modified files: usr.bin/ssh: addr.c Log message: be stricter in which characters will be accepted in specifying a mask length; allow only 0-9. From khaleesicodes via GHPR#278; ok dtuc

CVS: cvs.openbsd.org: src

2022-04-28 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/28 21:24:30 Modified files: usr.bin/ssh: ssh-pkcs11-helper.8 ssh-sk-helper.8 Log message: mention that the helpers are used by ssh(1), ssh-agent(1) and ssh-keygen(1). Previously only ssh(1) was m

CVS: cvs.openbsd.org: src

2022-04-28 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/28 21:13:32 Modified files: usr.bin/ssh: ssh-agent.c Log message: fix memleak on session-bind path; from Pedro Martelletto, ok dtucker@

CVS: cvs.openbsd.org: src

2022-04-27 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/27 20:53:32 Modified files: usr.bin/ssh: krl.c Log message: avoid printing hash algorithm twice; from lucas AT sexy.is

CVS: cvs.openbsd.org: src

2022-04-19 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/19 22:19:11 Modified files: usr.bin/ssh: channels.c clientloop.c serverloop.c Log message: Try to continue running local I/O for channels in state OPEN during SSH transport rekeying. The most vis

CVS: cvs.openbsd.org: src

2022-04-11 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/11 16:52:08 Modified files: usr.bin/ssh: channels.c Log message: clear io_want/io_ready flags at start of poll() cycle; avoids plausible spin during rekeying if channel io_want flags are reused a

CVS: cvs.openbsd.org: src

2022-04-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/07 22:40:40 Modified files: usr.bin/ssh: sshbuf.c Log message: two defensive changes from Tobias Stoeckmann via GHPR287 enforce stricter invariant for sshbuf_set_parent() - never allow a buffer

CVS: cvs.openbsd.org: www

2022-04-07 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/04/07 22:23:55 Modified files: openssh: report.html Log message: update bugzilla link

CVS: cvs.openbsd.org: www

2022-04-07 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/04/07 19:48:40 Modified files: openssh: ftp.html index.html openbsd.html releasenotes.html openssh/txt: release-9.0 Log message: OpenSSH 9.0

CVS: cvs.openbsd.org: www

2022-04-07 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/04/07 19:48:24 Modified files: build : Makefile build/mirrors : openssh-ftp.html.head Log message: OpenSSH 9.0

CVS: cvs.openbsd.org: www

2022-04-07 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/04/07 19:47:57 Added files: openssh/txt: release-9.0 Log message: OpenSSH 9.0 release notes

CVS: cvs.openbsd.org: src

2022-04-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/04/04 16:45:25 Modified files: usr.bin/ssh: version.h Log message: openssh-9.0

Re: CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
On Wed, 30 Mar 2022, Damien Miller wrote: > CVSROOT: /cvs > Module name: src > Changes by: d...@cvs.openbsd.org2022/03/30 21:05:49 > > Modified files: > usr.bin/ssh: PROTOCOL sftp-server.c > usr.bin/ssh/sftp-server: Makefile > > Log

CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/30 21:07:33 Modified files: regress/usr.bin/ssh: sftp-cmds.sh Log message: regression test for sftp cp command

CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/30 21:07:03 Modified files: usr.bin/ssh: sftp-client.c sftp-client.h sftp.1 sftp.c Log message: add a sftp client "cp" command that supports server-side copying of files. Useful for this task and

CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/30 21:05:49 Modified files: usr.bin/ssh: PROTOCOL sftp-server.c usr.bin/ssh/sftp-server: Makefile Log message: add support for the "corp-data" protocol extension to allow server-side cop

CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/30 15:13:23 Modified files: usr.bin/ssh: myproposal.h Log message: select post-quantum KEX sntrup761x25519-sha...@openssh.com as the default; ok markus@

CVS: cvs.openbsd.org: src

2022-03-30 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/30 15:10:25 Modified files: usr.bin/ssh: channels.c channels.h Log message: fix poll() spin when a channel's output fd closes without data in the channel buffer. Introduce more exact packing of c

CVS: cvs.openbsd.org: src

2022-03-29 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/29 22:33:09 Modified files: usr.bin/ssh: ssh.c Log message: ssh is almost out of getopt() characters; note the remaining available ones in a comment

CVS: cvs.openbsd.org: src

2022-03-29 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/29 22:27:51 Modified files: usr.bin/ssh: sshsig.c Log message: avoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported by Mateusz Adamowski

CVS: cvs.openbsd.org: src

2022-03-20 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/20 02:52:17 Modified files: usr.bin/ssh: scp.c Log message: don't leak argument list; bz3404, reported by Balu Gajjala ok dtucker@

CVS: cvs.openbsd.org: src

2022-03-20 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/20 02:51:21 Modified files: usr.bin/ssh: misc.c Log message: make addargs() and replacearg() a little more robust and improve error reporting make freeargs(NULL) a noop like the other free funct

CVS: cvs.openbsd.org: src

2022-03-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/17 22:04:11 Modified files: usr.bin/ssh: servconf.c servconf.h sshd.c Log message: don't try to resolve ListenAddress directives in the sshd re-exec path - we're never going to use the result and

CVS: cvs.openbsd.org: src

2022-03-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/17 20:50:22 Modified files: usr.bin/ssh: sftp.c Log message: remove blank line

CVS: cvs.openbsd.org: src

2022-03-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/17 20:32:22 Modified files: usr.bin/ssh: ssh-keygen.c Log message: helpful comment

CVS: cvs.openbsd.org: src

2022-03-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/17 20:31:25 Modified files: usr.bin/ssh: ssh-keygen.c Log message: ssh-keygen -Y check-novalidate requires namespace or SEGV will ensue. Patch from Mateusz Adamowski via GHPR#307

CVS: cvs.openbsd.org: src

2022-03-14 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/03/14 23:27:37 Modified files: usr.bin/ssh: channels.c Log message: improve DEBUG_CHANNEL_POLL debugging message

CVS: cvs.openbsd.org: src

2022-02-28 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/28 18:59:19 Modified files: usr.bin/ssh: sshd.c Log message: pack pollfd array before server_accept_loop() ppoll() call, and terminate sshd if ppoll() returns errno==EINVAL avoids spin in ppoll

CVS: cvs.openbsd.org: src

2022-02-24 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/24 19:09:27 Modified files: usr.bin/ssh: monitor.c Log message: save an unnecessary alloc/free, based on patch from Martin Vahlensieck; ok dtucker@

CVS: cvs.openbsd.org: www

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/02/23 20:38:17 Modified files: openssh: releasenotes.html openssh/txt: release-8.9 Log message: missing word; spotted by Alexander H

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 14:21:50 Modified files: usr.bin/ssh: auth-rhosts.c Log message: free(3) wants stdlib.h

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 14:21:16 Modified files: usr.bin/ssh: scp.1 Log message: put back the scp manpage changes for SFTP mode too

CVS: cvs.openbsd.org: www

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/02/23 04:59:18 Modified files: build : Makefile build/mirrors : openssh-ftp.html.head openssh: ftp.html index.html openbsd.html releasenotes.h

CVS: cvs.openbsd.org: www

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/02/23 04:55:29 Added files: openssh/txt: release-8.9 Log message: openssh 8.9 release notes

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 04:18:13 Modified files: usr.bin/ssh: auth2.c Log message: avoid integer overflow of auth attempts (harmless, caught by monitor)

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 04:17:10 Modified files: usr.bin/ssh: auth.c Log message: randomise the password used in fakepw

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 04:15:57 Modified files: usr.bin/ssh: auth-rhosts.c Log message: use asprintf to construct .rhosts paths

CVS: cvs.openbsd.org: src

2022-02-23 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/23 04:07:09 Modified files: usr.bin/ssh: version.h Log message: openssh-8.9

CVS: cvs.openbsd.org: src

2022-02-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/17 03:58:27 Modified files: usr.bin/ssh: channels.c Log message: check for EINTR/EAGAIN failures in the rfd fast-path; caught by dtucker's minix3 vm :) ok dtucker@

CVS: cvs.openbsd.org: src

2022-02-14 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/14 22:13:36 Modified files: usr.bin/ssh: ssh_config.5 Log message: document the unbound/host-bound options to PubkeyAuthentication; spotted by HARUYAMA Seigo

CVS: cvs.openbsd.org: src

2022-02-09 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/09 21:12:39 Modified files: usr.bin/ssh: scp.1 scp.c Log message: revert for imminent OpenSSH release, which will ship with scp in RCP mode. > revision 1.106 > date: 2021/10/15 14:46:46; author:

CVS: cvs.openbsd.org: src

2022-02-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/06 18:25:12 Modified files: usr.bin/ssh: sk-usbhid.c Log message: use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually hashing data ourselves. Saves a fair bit of code and makes l

CVS: cvs.openbsd.org: src

2022-02-01 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/01 16:37:15 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: test 'ssh-keygen -Y find-principals' with wildcard principals; from Fabian Stelzer

CVS: cvs.openbsd.org: src

2022-02-01 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/01 16:34:47 Modified files: usr.bin/ssh: sshsig.c Log message: allow 'ssh-keygen -Y find-principals' to match wildcard principals in allowed_signers files; from Fabian Stelzer

CVS: cvs.openbsd.org: src

2022-02-01 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/01 16:32:51 Modified files: usr.bin/ssh: sshconnect2.c ssh-keygen.c sftp-server.c nchan.c kex.c dns.c auth-rhosts.c Log message: mark const string array contents const t

CVS: cvs.openbsd.org: src

2022-02-01 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/02/01 16:11:11 Modified files: usr.bin/ssh: scp.c Log message: better match legacy scp behaviour: show un-expanded paths in error messages. Spotted by and ok tb@

CVS: cvs.openbsd.org: src

2022-01-21 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/21 17:49:34 Modified files: usr.bin/ssh: channels.h clientloop.c packet.c packet.h serverloop.c Log message: add a ssh_packet_process_read() function that reads from a f

CVS: cvs.openbsd.org: src

2022-01-21 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/21 17:45:32 Modified files: usr.bin/ssh: channels.c Log message: Use sshbuf_read() to read directly into the channel input buffer rather than into a stack buffer that needs to be copied again; Im

CVS: cvs.openbsd.org: src

2022-01-21 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/21 17:43:43 Modified files: usr.bin/ssh: sshbuf-misc.c sshbuf.h Log message: Add a sshbuf_read() that attempts to read(2) directly in to a sshbuf; ok markus@

CVS: cvs.openbsd.org: src

2022-01-20 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/21 00:04:19 Modified files: usr.bin/ssh: clientloop.c Log message: add a helper for writing an error message to the stderr_buf and setting quit_pending; no functional change but saves a bunch of

CVS: cvs.openbsd.org: src

2022-01-20 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/20 23:58:06 Modified files: usr.bin/ssh: packet.c Log message: correct comment and use local variable instead of long indirection; spotted by dtucker@

CVS: cvs.openbsd.org: src

2022-01-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/17 15:56:04 Modified files: usr.bin/ssh: packet.c Log message: when decompressing zlib compressed packets, use Z_SYNC_FLUSH instead of Z_PARTIAL_FLUSH as the latter is not actually specified as a

CVS: cvs.openbsd.org: src

2022-01-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/17 14:41:04 Modified files: usr.bin/ssh: sftp-client.c Log message: make most of the sftp errors more idiomatic, following the general form of "[local/remote] operation path: error message"; ok m

CVS: cvs.openbsd.org: src

2022-01-17 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/17 14:39:51 Modified files: usr.bin/ssh: scp.c Log message: when transferring multiple files in SFTP mode, create the destination directory if it doesn't already exist to match olde-scp(1) behavi

CVS: cvs.openbsd.org: src

2022-01-13 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/13 20:43:48 Modified files: usr.bin/ssh: ssh-add.c ssh-agent.c Log message: allow pin-required FIDO keys to be added to ssh-agent(1). ssh-askpass will be used to request the PIN at authentication

CVS: cvs.openbsd.org: src

2022-01-13 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/13 20:35:10 Modified files: usr.bin/ssh: ssh-sk.c Log message: ssh-sk: free a resident key's user id From Pedro Martelletto; ok dtucker & me

CVS: cvs.openbsd.org: src

2022-01-13 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/13 20:34:01 Modified files: usr.bin/ssh: ssh-sk-client.c Log message: sshsk_load_resident: don't preallocate resp resp is allocated by client_converse(), at which point we lose the original poin

CVS: cvs.openbsd.org: src

2022-01-13 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/13 20:32:52 Modified files: usr.bin/ssh: ssh-sk-client.c Log message: sshsk_sign: trim call to sshkey_fingerprint() the resulting fingerprint doesn't appear to be used for anything, and we end u

CVS: cvs.openbsd.org: src

2022-01-13 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/13 20:31:52 Modified files: usr.bin/ssh: sftp-server.c Log message: use status error message to communicate ~user expansion failures; provides better experience for scp in sftp mode, where ~user

CVS: cvs.openbsd.org: src

2022-01-11 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/11 15:33:16 Modified files: regress/usr.bin/ssh/unittests/sshsig: webauthn.html Log message: remove hardcoded domain and use window.location.host, so this can be run anywhere

CVS: cvs.openbsd.org: src

2022-01-10 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/10 18:26:47 Modified files: usr.bin/ssh: clientloop.c mux.c Log message: suppress "Connection to xxx closed" messages at LogLevel >= error bz3378; ok dtucker@

CVS: cvs.openbsd.org: www

2022-01-09 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/09 20:06:23 Modified files: openssh: agent-restrict.html Log message: correct date marker; it's 2022 already. From Yifei Zhan

CVS: cvs.openbsd.org: www

2022-01-09 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/09 17:39:49 Modified files: openssh: agent-restrict.html Log message: really remove missing markup; spotted by tj

CVS: cvs.openbsd.org: www

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/08 00:43:58 Modified files: openssh: agent-restrict.html Log message: don't mention missing markus

CVS: cvs.openbsd.org: src

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/08 00:37:32 Modified files: usr.bin/ssh: sftp-client.c Log message: use status error message to communicate ~user expansion failures; provides better experience for scp in sftp mode, where ~user

CVS: cvs.openbsd.org: src

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/08 00:36:11 Modified files: usr.bin/ssh: scp.c Log message: fix some corner-case bugs in scp sftp-mode handling of ~-prefixed paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus

CVS: cvs.openbsd.org: src

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/08 00:34:57 Modified files: usr.bin/ssh: sftp-client.c Log message: more idiomatic error messages; spotted by jsg & deraadt ok jsg & markus

CVS: cvs.openbsd.org: src

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/08 00:33:54 Modified files: usr.bin/ssh: sftp-server.c Log message: add a variant of send_status() that allows overriding the default, generic error message. feedback/ok markus & jsg

CVS: cvs.openbsd.org: src

2022-01-07 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/08 00:32:45 Modified files: usr.bin/ssh: misc.c Log message: refactor tilde_expand_filename() and make it handle ~user paths with no trailing slash; feedback/ok markus and jsg

CVS: cvs.openbsd.org: www

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/06 20:07:49 Modified files: openssh: agent-restrict.html Log message: typos; from Ángel

CVS: cvs.openbsd.org: www

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/06 19:58:01 Modified files: openssh: agent-restrict.html Log message: clarify

CVS: cvs.openbsd.org: www

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:www Changes by: d...@cvs.openbsd.org2022/01/06 19:33:42 Modified files: openssh: agent-restrict.html Log message: mention proxyjump

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:06:51 Modified files: usr.bin/ssh: sshconnect2.c Log message: allow hostbased auth to select RSA keys when only RSA/SHA2 are configured (this is the default case); ok markus@

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:05:42 Modified files: usr.bin/ssh: sshkey.c sshkey.h Log message: add a helper function to match a key type to a list of signature algorithms. RSA keys can make signatures with multiple alg

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:04:20 Modified files: usr.bin/ssh: ssh.c Log message: log some details on hostkeys that ssh loads for hostbased authn ok markus@

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:03:59 Modified files: usr.bin/ssh: monitor.c Log message: log signature algorithm during verification by monitor; ok markus

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:02:52 Modified files: usr.bin/ssh: hostfile.c Log message: piece of UpdateHostkeys client strictification: when updating known_hosts with new keys, ignore NULL keys (forgot to include in pr

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:01:14 Modified files: usr.bin/ssh: auth2-hostbased.c Log message: include rejected signature algorithm in error message and not the (useless) key type; ok markus

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 15:00:18 Modified files: usr.bin/ssh: ssh-keysign.c Log message: make ssh-keysign use the requested signature algorithm and not the default for the keytype. Part of unbreaking hostbased auth f

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:57:28 Modified files: usr.bin/ssh: clientloop.c Log message: stricter UpdateHostkey signature verification logic on the client- side. Require RSA/SHA2 signatures for RSA hostkeys except whe

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:55:23 Modified files: usr.bin/ssh: kex.c kex.h serverloop.c Log message: Fix signature algorithm selection logic for UpdateHostkeys on the server side. The previous code tried to prefer RSA

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:48:38 Modified files: usr.bin/ssh: channels.c channels.h clientloop.c serverloop.c Log message: convert ssh, sshd mainloops from select() to poll(); feedback & ok deraadt@ and markus@ has b

CVS: cvs.openbsd.org: src

2022-01-06 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/06 14:46:23 Modified files: usr.bin/ssh: channels.c channels.h Log message: prepare for conversion of ssh, sshd mainloop from select() to poll() by moving FD_SET construction out of channel handl

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 14:54:37 Modified files: usr.bin/ssh: ssh-keygen.c Log message: add a comment so I don't make this mistake again

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 14:50:00 Modified files: usr.bin/ssh: ssh-keygen.c Log message: fix cut-and-pasto in error message

CVS: cvs.openbsd.org: src

2022-01-05 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/05 01:25:05 Modified files: regress/usr.bin/ssh: hostkey-rotate.sh Log message: select all RSA hostkey algorithms for UpdateHostkeys tests, not just RSA-SHA1

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:56:15 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regress test both sshsig message hash algorithms, possible now because the algorithm is controllable via the CLI

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:50:11 Modified files: usr.bin/ssh: ssh-keygen.1 ssh-keygen.c Log message: allow selection of hash at sshsig signing time; code already supported either sha512 (default) or sha256, but plumb

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:27:54 Modified files: usr.bin/ssh: ssh-keygen.c Log message: add missing -O option to usage() for ssh-keygen -Y sign; from Linus Nordberg

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:27:01 Modified files: usr.bin/ssh: ssh-keygen.c Log message: move sig_process_opts() to before sig_sign(); no functional code change

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:10:39 Modified files: regress/usr.bin/ssh: sshsig.sh Log message: regression test for find-principals NULL deref; from Fabian Stelzer

CVS: cvs.openbsd.org: src

2022-01-04 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 21:02:42 Modified files: usr.bin/ssh: sshsig.c Log message: NULL deref when using find-principals when matching an allowed_signers line that contains a namespace restriction, but no restrictio

CVS: cvs.openbsd.org: src

2022-01-03 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2022/01/04 00:20:33 Modified files: regress/usr.bin/ssh: agent-restrict.sh Log message: unbreak test: was picking up system ssh-add instead of the one supposedly being tested. Spotted by dtucker and using hi

CVS: cvs.openbsd.org: src

2021-12-31 Thread Damien Miller
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2021/12/31 21:18:06 Modified files: usr.bin/ssh: ssh-agent.c Log message: fix memleak in process_extension(); oss-fuzz issue #42719
